Mon, 25 Nov 2024 22:05:31 UTC | login

Information for build curl-8.6.0-7.fc40

ID281956
Package Namecurl
Version8.6.0
Release7.fc40
Epoch
Sourcegit+https://src.fedoraproject.org/rpms/curl.git#f5a882f1213fe3b0c1470846229bdad5027516be
SummaryA utility for getting files from remote servers (FTP, HTTP, and others)
Descriptioncurl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.
Built bydavidlt
State complete
Volume DEFAULT
StartedWed, 21 Feb 2024 08:43:52 UTC
CompletedWed, 21 Feb 2024 09:56:20 UTC
Taskbuild (f40, /rpms/curl.git:f5a882f1213fe3b0c1470846229bdad5027516be)
Extra{'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/curl.git#f5a882f1213fe3b0c1470846229bdad5027516be'}}
Tags
f40
f41
RPMs
src
curl-8.6.0-7.fc40.src.rpm (info) (download)
riscv64
curl-8.6.0-7.fc40.riscv64.rpm (info) (download)
libcurl-8.6.0-7.fc40.riscv64.rpm (info) (download)
libcurl-devel-8.6.0-7.fc40.riscv64.rpm (info) (download)
libcurl-minimal-8.6.0-7.fc40.riscv64.rpm (info) (download)
curl-debuginfo-8.6.0-7.fc40.riscv64.rpm (info) (download)
curl-debugsource-8.6.0-7.fc40.riscv64.rpm (info) (download)
libcurl-debuginfo-8.6.0-7.fc40.riscv64.rpm (info) (download)
libcurl-minimal-debuginfo-8.6.0-7.fc40.riscv64.rpm (info) (download)
Logs
riscv64
state.log
hw_info.log
build.log
root.log
mock_output.log
Changelog * Mon Feb 19 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-7 - Fix: Leftovers after chunking should not be part of the curl buffer output (#2264220) * Mon Feb 12 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-6 - revert "receive max buffer" + add test case - temporarily disable test 0313 - remove suggests of libcurl-minimal in curl-full * Mon Feb 12 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-5 - add Provides to curl-minimal * Wed Feb 07 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-4 - drop curl-minimal subpackage in favor of curl-full (#2262096) * Mon Feb 05 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-3 - ignore response body to HEAD requests * Fri Feb 02 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-2 - don't build manual for curl-full - use man 1 curl instead (#2262373) * Thu Feb 01 2024 Jan Macku <jamacku@redhat.com> - 8.6.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2024-0853 - OCSP verification bypass with TLS session reuse - drop 001-dist-add-tests-errorcodes.pl-to-the-tarball.patch (replaced by upstream fix) - remove accidentally included mk-ca-bundle.1 man page (upstream bug #12843) * Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 8.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Dec 06 2023 Jan Macku <jamacku@redhat.com> - 8.5.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-46218 - cookie mixed case PSL bypass CVE-2023-46219 - HSTS long file name clears contents * Wed Oct 11 2023 Jan Macku <jamacku@redhat.com> - 8.4.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-38545 - SOCKS5 heap buffer overflow CVE-2023-38546 - cookie injection with none file * Wed Sep 13 2023 Jan Macku <jamacku@redhat.com> - 8.3.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-38039 - HTTP headers eat all memory * Wed Aug 02 2023 Jan Macku <jamacku@redhat.com> - 8.2.1-2 - enable websockets (#2224651) * Wed Jul 26 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.2.1-1 - new upstream release (rhbz#2226659) * Wed Jul 19 2023 Jan Macku <jamacku@redhat.com> - 8.2.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-32001 - fopen race condition * Tue May 30 2023 Jan Macku <jamacku@redhat.com> - 8.1.2-1 - new upstream release, with small bugfixes and improvements * Tue May 23 2023 Jan Macku <jamacku@redhat.com> - 8.1.1-1 - new upstream release, with small bugfixes and improvements * Wed May 17 2023 Kamil Dudka <kdudka@redhat.com> - 8.1.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-28321 - IDN wildcard match CVE-2023-28322 - more POST-after-PUT confusion * Fri Apr 21 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-3 - tests: re-enable temporarily disabled test-cases - tests: attempt to fix a conflict on port numbers - apply patches automatically * Tue Mar 21 2023 Lukáš Zaoral <lzaoral@redhat.com> - 8.0.1-2 - migrated to SPDX license * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.1-1 - new upstream release * Mon Mar 20 2023 Kamil Dudka <kdudka@redhat.com> - 8.0.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-27538 - SSH connection too eager reuse still CVE-2023-27537 - HSTS double-free CVE-2023-27536 - GSS delegation too eager connection re-use CVE-2023-27535 - FTP too eager connection reuse CVE-2023-27534 - SFTP path ~ resolving discrepancy CVE-2023-27533 - TELNET option IAC injection * Mon Feb 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.1-1 - new upstream release * Fri Feb 17 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-2 - http2: set drain on stream end * Wed Feb 15 2023 Kamil Dudka <kdudka@redhat.com> - 7.88.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2023-23916 - HTTP multi-header compression denial of service CVE-2023-23915 - HSTS amnesia with --parallel CVE-2023-23914 - HSTS ignored on multiple requests * Fri Jan 20 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-4 - fix regression in a public header file (#2162716) * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 7.87.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Jan 11 2023 Kamil Dudka <kdudka@redhat.com> - 7.87.0-2 - test3012: temporarily disable valgrind (#2143040) * Wed Dec 21 2022 Kamil Dudka <kdudka@redhat.com> - 7.87.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-43552 - HTTP Proxy deny use-after-free CVE-2022-43551 - Another HSTS bypass via IDN * Tue Nov 29 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-4 - noproxy: tailmatch like in 7.85.0 and earlier (#2149224) * Thu Nov 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-3 - enforce versioned libnghttp2 dependency for libcurl (#2144277) * Mon Oct 31 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-2 - fix regression in noproxy matching * Wed Oct 26 2022 Kamil Dudka <kdudka@redhat.com> - 7.86.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-42916 - HSTS bypass via IDN CVE-2022-42915 - HTTP proxy double-free CVE-2022-35260 - .netrc parser out-of-bounds access CVE-2022-32221 - POST following PUT confusion * Thu Sep 01 2022 Kamil Dudka <kdudka@redhat.com> - 7.85.0-1 - new upstream release, which fixes the following vulnerability CVE-2022-35252 - control code in cookie denial of service * Thu Aug 25 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-3 - tests: fix http2 tests to use CRLF headers to make it work with nghttp2-1.49.0 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Mon Jun 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.84.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-32207 - Unpreserved file permissions CVE-2022-32205 - Set-Cookie denial of service CVE-2022-32206 - HTTP compression denial of service CVE-2022-32208 - FTP-KRB bad message verification * Wed May 11 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.1-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27782 - fix too eager reuse of TLS and SSH connections CVE-2022-27779 - do not accept cookies for TLD with trailing dot CVE-2022-27778 - do not remove wrong file on error CVE-2022-30115 - hsts: ignore trailing dots when comparing hosts names CVE-2022-27780 - reject percent-encoded path separator in URL host * Wed Apr 27 2022 Kamil Dudka <kdudka@redhat.com> - 7.83.0-1 - new upstream release, which fixes the following vulnerabilities CVE-2022-27774 - curl credential leak on redirect CVE-2022-27776 - curl auth/cookie leak on redirect CVE-2022-27775 - curl bad local IPv6 connection reuse CVE-2022-22576 - curl OAUTH2 bearer bypass in connection re-use * Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2 - openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1 - new upstream release * Thu Feb 24 2022 Kamil Dudka <kdudka@redhat.com> - 7.81.0-4 - enable IDN support also in libcurl-minimal